Mastercard to use selfies for payments

July 3rd, 2015 1 Comment By Mof Gimmers

selfie Mastercard to use selfies for paymentsYou might think selfies are the worst thing that ever happened to the world, or indeed, may well think that they’re a marvellous show of self confidence in people. Either way, Mastercard see something different – they want to start using selfies to verify payments.

They’re only testing this at the moment, with 500 pilot users using photos instead of punching in PIN numbers. MasterCard’s chief product security officer Ajay Bhalla says this will be popular with young people. Presumably, young people who aren’t bothered about banks potentially storing photos of their faces.

Bhalla said: ”The new generation, which is into selfies… I think they’ll find it cool. They’ll embrace it. This seamlessly integrates biometrics into the overall payment experience. You can choose to use your fingerprint or your face – you tap it, the transaction is okayed and you’re done.”

So, what you might be able to do in the future, is hold your phones at eye-level and blink once when instructed, and boom boom, the process is complete.

Bhalla says that people’s selfies won’t be stored or transmitted, in its normal construction. However, we’ve all heard that before haven’t we?

Security issues with Windows 10?

July 2nd, 2015 3 Comments By Mof Gimmers

Windows 300x300 Security issues with Windows 10?You’ll know that you can get Windows 10 for free, but there’s some mutterings of discontent about the OS already, regarding the security of your WiFi password.

With a thing called WiFi Sense, anyone who rocks up to your house and gets the password for your WiFi, could let all their friends onto your network. Now, of course, someone could just tell everyone your WiFi password anyway, but this is slightly different.

This feature is designed to make it much easier for people to get access to the internet while they’re on the go, which it does by automatically logging them into wireless hotspots. It logs people into select open networks, and it also allows them to share secured connections with their pals.

So, should someone with a Windows 10 device log on to a new network, they can tick a box which will share that access with all their contacts – that includes  Facebook friends, contacts they’ve got on Outlook and the people they know on Skype.

Craig Mathias, from the Farpoint Group who happen to be specialists when it comes to wireless tech, said that this feature was “a cheap hack,” and continued by saying that ”no-one should ever leave WiFi access wide open.”

The idea behind WiFi Sense is so you can let your guests use your WiFi connection without having to give them the password. In a FAQ, it says that any user who shares network access, sends the password through an encrypted connection to a Microsoft server, where it is then stored (where it is encrypted) before being doled out securely to friends, which are found via location data from their device.

The worry is, is that Microsoft might have a feature that doesn’t work as well as they predict, which means hackers could find one of your friends on Facebook, and then get busy accessing your network via WiFi Sense.

Mercifully, you can opt out of this. To make your WiFi network unavailable to Wi-Fi Sense, you can rename your network to include “_optout” at the end of the SSID. Or, if you prefer, you can make sure the aforementioned checkbox turned off, and you can carry on giving your guests your WiFi password manually.

Google wants to give the world free internet

June 26th, 2015 3 Comments By Mof Gimmers

google Google wants to give the world free internetGoogle and Facebook are constantly trolling each other, and with Zuckerberg trying to give the developing world the internet (so they can keep tabs on absolutely everyone, ever), Google want to give the world free internet too (so they can keep tabs on absolutely everyone, ever).

The internet behemoth is rolling out free wifi in New York as part of a trial, which Google hopes will end up spanning the entire planet. They’ve set up a branch of their company to deal with this called ‘Sidewalk Labs’, are they’re hoping that they can create a signal that everyone can use, so you don’t have to rely on ropey connections in shops.

In New York, they’ve hit on a decent idea – they’re turning a load (10,000 in fact) of old phone booths into ‘wifi pylons’, which of course, will be ad-supported.

As well as that, the converted booths will provide a point where you can charge up your mobile phone (you have to assume it’ll have adapters that only work for Android phones, as Google inevitably won’t want to help out Apple at all). The old phone boxes will also have a touch screen so you can get info about the city and transport, and you’ll be able to make free domestic calls too.

These spots will be appearing in Autumn, and if they are deemed a success, Google will start rolling them out in other places.

google Google launch music streaming service (but might be spying on you)Google art taking shots at Apple by launching a free version of its music streaming service Play Music. Of course, Google Play Music as a subscription service is already a thing, but the internet behemoth has decided to take on Apple’s music service (and of course, Spotify’s).

This free version is going to be made up of curated playlists, which have been designed for different times of the day, which sounds a bit rubbish. Initially, this service is only available in the States and will have adverts like Spotify’s freemium service.

With Apple set to launch their music service on 30th June, they’re no doubt going to be annoyed by this.

In a blog post, Google product manager Elias Roman said: “Even if you’re not already a Google Play Music subscriber, we’ve got you covered. Google Play Music now has a free, ad-supported version in the US, giving you a new way to find just the right music – and giving artists another way to earn revenue.”

“The new free, ad-supported version of Google Play Music is launching first in the US. It’s available on the web today, and is rolling out this week to Android and iOS.”

However, this won’t cover up the fact that a load of people are losing their baps about Google spying on everyone. Open-source developers noticed that Chromium (that’s the open-source version of Chrome) had been installing audio-snooping code that was capable of listening to users.

Now, this code has been put in, so that people can talk to their computers via OK Google thingummy, which is all well and good, but the kicker here, is that the listening technology was activated without anyone’s permission. That, obviously, isn’t cricket.

“Without consent, Google’s code had downloaded a black box of code that – according to itself –  had turned on the microphone and was actively listening to your room”, said Rick Falkvinge, the Pirate party founder. “Which means that your computer had been stealth configured to send what was being said in your room to somebody else, to a private company in another country, without your consent or knowledge, an audio transmission triggered by… an unknown and unverifiable set of conditions”.

Google say that this isn’t activated “unless you opt in to hotwording”, but developers aren’t having that. Developer Ofer Zelig says: “While I was working I thought ‘I’m noticing that an LED goes on and off, on the corner of my eyesight [webcam]‘. And after a few times when it just seemed weird, I sat to watch for it and saw it happening. Every few seconds or so”.

So there you go – you can have free music, but Google might end up listening to you caterwauling along to it as well.

WhatsApp: worst for privacy

June 19th, 2015 No Comments By Mof Gimmers

whatsapp WhatsApp: worst for privacyIf you are the kind of person who worries about their privacy, and you use WhatsApp, then you may want to stop now. That’s because a new report ranks WhatsApp as the worst when it comes to protecting your data.

The excitingly named Electronic Frontier Foundation have done their annual ‘Who Has Your Back?’ report, and was very critical of the messaging app in pretty much every criteria. Of course, the app is owned by Facebook, so all this isn’t really a surprise.

Getting a hearty pat on the back for their efforts to respect your privacy where Dropbox, Apple, Adobe, Wikimedia, WordPress and Yahoo.

The ‘Who Has Your Back?’ report assesses techn companies in five criteria: whether they follow best practices for data security, whether they tell users when the government requests their data, whether they are open about their policies on hanging on to your data, whether or not they’ll tell people when the government demands the removal of content, and whether they publicly oppose backdoors which give the government access to data.

If you’d like to see the EFF report, click here to see the easy-to-read table with giant yellow stars.

600 million Samsung mobiles could be spied on

June 18th, 2015 2 Comments By Mof Gimmers

Samsung Galaxy Note 3 Back 300x168 600 million Samsung mobiles could be spied onIf you have a Samsung Galaxy, of any sort, your device could be spied on, thanks to a vulnerability in the in-built SwiftKey keyboard.

The keyboard comes installed in advance of 600 million of Samsung’s mobile devices, and apparently, it can be very easily hacked, which in turn, can give away a lot of your vital information.

This is according to Ryan Welton, who is a researcher with cyber-security firm NowSecure. He reckons that the flaw could allow hackers to see what you’re up to and can access your GPS, camera and microphone, as well as enabling them to secretly install malicious applications.

NowSecure say they told Samsung about this back in November, but no-one has done anything about it, so they’ve gone public.

In a statement by SwiftKey a while ago, they said, “the way this technology was integrated on Samsung devices introduced the security vulnerability.” However, they soon deleted that. The Guardian ran a quote from Joe Braid, chief marketing officer of SwiftKey, saying, “Unfortunately, we were only made aware of the issue on Tuesday. We are working as hard as possible to support Samsung and help it fix the issue.”

Samsung have since said that they “take emerging security threats very seriously… and [is] committed to providing the latest in mobile security.”

If you’re worried about this, there’s a host of other keyboards you can download from the Google Play store or, if you want to bolster your device’s security, here’s the Bitterwallet guide to the best security and anti-virus programs you can download.

facebook mobile 300x200 Belgium takes Facebook to court over privacy and trackingFacebook are in privacy trouble again, with the Belgian privacy commission taking the social network to court for alleged “trampling” over Belgian and European privacy laws. This legal action will be heard in an EU court on Thursday, after a report published by the Belgian privacy watchdog alleged that Facebook are breaching European privacy law, including the one about the tracking of non-users and logged out users.

The president of the Belgian privacy commission, Willem Debeuckelaere, says that Facebook are treating users’ private lives with no respect, and it needs to be stopped.

“It’s not because we want start a lawsuit over this, but we can not continue to negotiate through other means,” Debeuckelaere told Belgian news DeMorgen. “We want a judge to impose our recommendations. These recommendations are chiefly aimed at protecting internet users who are not Facebook members.”

According to the report, Facebook has been tracking users on a long-term basis who visit any of its pages, even if they don’t have a Facebook account. Of course, there’s a number of privacy cases being thrown at Facebook in Europe, which saw the European commission telling people that, if they want to protect their privacy, they should shut their Facebook accounts.

Naturally, the social network isn’t having it.

A Facebook spokesperson said: “We were surprised and disappointed that, after the [Belgium privacy commission] had already agreed to meet with us on the 19 June to discuss their recommendations, they took the theatrical action of bringing Facebook Belgium to court on the day beforehand.”

“Although we are confident that there is no merit to the case, we remain happy to work with them in an effort to resolve their concerns, through a dialogue with us at Facebook Ireland and with our regulator, the Irish data protection commissioner.”

This is a reference to the decision made by a Dutch court recently, which ruled that Facebook’s operations there were not responsible for data protection issues – that responsibility lies with Facebook in Ireland.

google Give your Google account a check up now, with Accounts pageYou might not trust someone like Google to look after your privacy or, indeed, you might just like tinkering with stuff because it makes you feel like you’re doing something useful with your life – either way, you can now mess around with your privacy controls if you have a Google account.

The internet giant has rejigged the account page, so hopefully, it makes the whole understanding what in the sam hell they’re doing with your data thing a little easier.

If you can’t be bothered reading more words and want to dive straight in, click here and it’ll take you to your account page.

So what’s the deal? Well, Google aren’t exactly offering you anything new with your security options, but what they are doing, is making things easier for you to understand. By making things simpler, you can toggle the options and have things which are more suited to what you want.

If you want a pointer, get yourself to the new Privacy Checkup and Security Check Up. That’s as good a place to start as any. The Privacy Checkup goes through the information that Google are storing and displaying across the variety of services they have. If you turn a lot of the settings off, you will lose the personalised service they offer, but that’s your call.

The Security Checkup meanwhile, goes through all the access settings for your Google account. Here, you can set up two-factor authentication (advised), and  lets you see which devices and apps have access to your account (you might have an old app that you never use anymore that still has access to your account, which you can ditch if you like).

So basically, take care of your account, because it isn’t worth letting someone else do it for you.

Class action for Yahoo! over email snooping

May 28th, 2015 No Comments By Mof Gimmers

yahoo logo 300x266 Class action for Yahoo! over email snoopingThink emails are worthless junk? Think again! A judge in California has ordered Yahoo! to face a nationwide class-action lawsuit, after accusing them of illegally intercepting the content of people’s emails that were sent to Yahoo email-havers from non-Yahoo accounts.

What were they doing with this information? You guessed it! It was all to hoover up information to be used to make money with advertising!

US District Judge Lucy Koh has ruled that anyone who sent emails to, or received emails from someone with Yahoo email since 2 October 2011 can sue as a group under the federal Stored Communications Act for alleged privacy violations. That’s going to be a terrifying amount of money, if the suit is successful.

Apparently, non-Yahoo Mail accounts were analysed by Yahoo!, who copied and snooped around in correspondence, including attachments and keywords and the class-action wants to see an injunction barring the alleged interceptions, plus damages.

What’s the excuses and reasoning from Yahoo! execs? Well, they reckon that, because some of the plaintiffs emailed Yahoo accounts despite concerns over the ways their information was processed, that pretty much amounts to consent. And, as well as that, we should feel sorry for Yahoo! because, it this goes through, the suit could set email services back by a decade.

The judge rejected both arguments. We’ll keep up with this and see who is allowed to claim for damages.

Bitterwallet Facebook censorship Sinister Facebook app lets you spy on pals whereaboutsEver thought to yourself that you’d like people to know where you are all the time? Ever wished you could leave the house, and people on the internet can track where you are to within 3 feet?

Well, you’re in luck – and so are stalkers – as there’s a new app called the Marauder Map which hooks up with Facebook, which allows people to instantly see where you are and where you’ve been. And yes, it is named after the map from Harry Potter, which only adds to how irritating this all is.

Mercifully, this only works if you leave your location services on (and only a fool would do that). If you have, then through this Chrome extension, a bubble pops up showing where you’ve been in a map screen, every time you open up Facebook’s Messenger.

“Bubbles on the map represent the most recent location for each user, and clicking on a user’s bubble brings up all past location points recorded for that user,” say the people behind it.

“This extension was developed as a demonstration not an actual tool to creep on your Facebook acquaintances. This is not meant to be used as a tool to creep on your friends, rather a demonstration of the scary amount of information you can gather on someone just by aggregating the data they provide through messenger.”

So there you have it. This app is a bit creepy, but it is meant to be, in a bid to try and make people aware of how much of their location they’re giving away.

If you want to look at the app, click here.

marauder map 500x359 Sinister Facebook app lets you spy on pals whereabouts

porn Are you going to need an online porn passport?Remember us telling you that you might have to whip out your ID to watch dirty videos online? Well, there’s more talk about this, with a new system for UK residents being proposed by the adult entertainment industry.

Soon enough, bongo sites could be required to verify the identity of visitors, which they’d do by checking who you are via ‘trusted’ organisations like banks, credit rating agencies and your mobile operator. Even the NHS might have to get involved.

This sounds exactly like the kind of thing that will never, ever, ever happen in a billion years, but, we report on it anyway because the Tories are gagging to find out who is watching smut on the internet. There’s clearly a lot of money to be made from such a thing, or they wouldn’t be bothered by it.

Of course, this isn’t aimed at adults (honest), but rather, protecting children from looking at a host of genitalia and poor acting skills. It is thought that, by introducing some online hurdles, it’ll stop innocent eyes from looking at people knocking their uglies together. Everyone who has used the internet for 10 minutes will know that, where there’s online hurdles, clever children who are internet-savvy will easily be able to bypass them.

The Digital Policy Alliance, which is made up of people in the industry, policy makers, charities and academics, is trying to pre-empt the law and any measures could be used for more than just porno-sites – we’re talking about anything selling tobacco, booze and other age-restricted things.

The alliance suggests “information already on file across central and local government (including DWP and the NHS) and/or the private sector to enable service providers to reliably check the age of almost any online user, including those who wish to remain anonymous”.

Any rules brought into place, you’d assume, would only apply to British companies, and getting businesses from overseas to agree to any measures is going to be nigh-on impossible, so all this seems like a lot of talk and expense for something that will never come to fruition. No change there then.

Is your sex data vulnerable?

May 22nd, 2015 1 Comment By Mof Gimmers

sex with glass Is your sex data vulnerable?You invariably indulge in safe sex, but is your sex data equally safe?

Well, if you’re a user of Adult FriendFinder, you should know about a hack that has taken place, with millions of accounts potentially breached.

Adult FriendFinder has over 63million users, and had been hit by ne’er-do-wells who have made off with a load of personal information. With that, comes people’s sexual preferences and whether or not you intend to cheat on your partner.

Email addresses, dates of birth and post codes were also taken, even if you deleted your account. This all smells like potential blackmail material, so get your excuses ready now.

For newer couples, just pretend you had the account before you met your current beau. If you’ve been with your partner for 30-odd years, then you might not need to worry too much as they might be on there as well, through being thoroughly disillusioned with your relationship. Hey! It might be just the thing to put some pep into your relationship, eh?

FriendFinder Networks Inc said: “We have already begun working closely with law enforcement and have launched a comprehensive investigation with the help of leading third-party forensics expert. We pledge to take the appropriate steps needed to protect our customers if they are affected.”

Apple Watch not as secure as you’d think

May 15th, 2015 1 Comment By Mof Gimmers

Having secure gadgets is a good thing as it offers you some solace that, should it get nicked, it might be useless to the crim who swiped it. However, the Apple Watch might not be as secure as you’d hope.

The 1.0 version of the smartwatch doesn’t really have anything to protect itself against thieves. Basically, if yours gets stolen, it is pretty easy to reset it and waltz away with it like it is brand new.

iPhone are much less easy when it comes to resetting, but with the Apple Watch, you can easily reset the device and pair it with a new phone, and you’re away.

Look! Here’s a video and everything!

Apple site iDownloadBlog pointed out the lack of an Activation Lock-like feature on Watch OS 1.0. “It’s not a security problem from a user data standpoint, but it is a security issue from a device theft standpoint,” it said.

“At the very least, it would seem that Apple could make it so that the device checks against the Apple ID of the last paired device, and requires the proper credentials before un-pairing with that device.”

BitTorrent launches chat app

May 14th, 2015 No Comments By Mof Gimmers

bleep bittorrent 300x187 BitTorrent launches chat appBitTorrent have launched their private messaging app, Bleep, across all the major platforms. Good news for those of you who don’t trust or like the existing ones.

Farid Fadaie, senior director of product development at BitTorrent, announced this news through the official BitTorrent blog. Farid confirmed that the app is now available to download on Android, iOS, Windows, and Mac from bleep.pm.

This is just the latest messenger app that is focused on privacy and security. Users of Bleep will be able to get a personalised Bleep key with the encryption keys for images stored on your device, rather than in a cloud.

That means there’s no server for hackers to get stuck into.

You’ll also be able to send ‘whisper messages’ with Bleep, which basically allows you to choose whether or not you want to keep parts of the conversation or not. With the whisper setting, all messages and pictures will disappear from devices after they’ve been viewed. Not unlike Snapchat in approach, but without – you’d hope – the privacy issues.

There’ll also be free voice calls, which are connected directly without the need for a cloud. Fancy a bit of this? Or will you wait a bit to see if it is another flash-in-the-pan app that you’ll have to move away from eventually?

What’s the catch with HowOld?

May 5th, 2015 2 Comments By Mof Gimmers

You may have been having a fun time with Microsoft’s new viral sensation – How-Old.net – but as ever, there may well be a catch.

While you’re uploading your face to find out how old you look, Microsoft might have been been storing your photos. Now, the front page of the service says: ”We don’t keep the photo [uploaded to the site],” but the terms of service suggest otherwise.

howold 500x320 Whats the catch with HowOld?

After the sentence that says that “Microsoft does not claim ownership of any materials you provide,” a different passage in the site’s terms of service adds:

“However, by posting, uploading, inputting, providing, or submitting your Submission, you are granting Microsoft, its affiliated companies, and necessary sublicensees permission to use your Submission in connection with the operation of their Internet businesses (including, without limitation, all Microsoft services), including, without limitation, the license rights to: copy, distribute, transmit, publicly display, publicly perform, reproduce, edit, translate, and reformat your Submission.”

It is all contradicting each other now. And there’s more. In there, it also says that it includes the right for Microsoft to “publish your name in connection with your Submission; and to sublicense such rights to any supplier of the Website Services.”

Microsoft have said, in relation to all this, that they do not store or share the pictures: “The terms of service are accurate. Developers get to choose how their apps work. The developers of How-old.net chose not to store or share photos for this app. These terms of services are like those of other companies.”

In summary – the application doesn’t store your photos, but Microsoft might handle them another way if they want to. If that’s the kind of thing that bothers you, you’ve been warned.